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AMENDMENTS TO THE CLAIMS: 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims: 

1 . (Currently Amended) A method comprising: 

receiving data from a network application program interface (AP hof a sending 
client, the data comprising a portion of an event to be sent from the sending client : 

determining if the data is eligible for a security operation, wherein eligibility is 
determined by selector data contained in the data; 

creating a selector based on the selector dat a, wh e r e in said so l octor i ndicates at 
leas t - a portion of th e data and o s e curity association and using said selector to search a 
database of security associations for at least one selector/security association pair 
identifying a security association corresponding to the selector, said database storing a 
plurality of selector/security association pairs corresponding to different timewise 
intervals of said event : 

applying the security operation to the data if the data is eligible, wherein applying 
the security operation comprises using the security association on the at least a portion 
of the data; and 

sending the data to which the security operation has been applied to a network 
protocol laver of the sending client . 
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2. (Currently Amended) The method of claim 1 . said event to be sent from the 
sending client to a receiving client, said database being local at said sending client, the 
receiving client storing a remote database comprising a similar plurality of 
selector/security association pairs respectively corresponding to said different timewise 
intervals of said event faf tho r c om pr i ci n g: 

using coid coloctor to coaroh a - dotabaso of - seGw i ty - a ss eG i at i ons - for ^ at -l oast - Qno - 
s ele ctor/s e cur i ty assoc i at i on pair i d e ntifying a s e cur i ty assoc i ation corresponding to the 
selector 

3. (Previously Presented) The method of claim 2 wherein the selector data is 
based at least in part on one of an internet protocol address taken from the data and a 
port indicator taken from the data. 

4. (Previously Presented) The method of claim 1 wherein applying the security 
operation comprises at least one of: 

attaching a header to the data, said header including a security operation tag; 

and 

encrypting the data. 
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5. (Currently Amended) The method of daim [[1]] 2 whoroin dotorm i n i ng i f tho 
data is o l ig i b l o 4 or tho security operation and app l ying tho ooourity oporotion if th e- d a ta ■ 
i s el igibl e depondo, at l oas t-i n - part - u p on q loca l coloctor/ 6e curity associat i on pa i rat - a - 
se nding c l i e nt corr e sponding to a remot e selootor/GQGw i ty - asfi^ Gferti^ R - pa i r - at a 
roooiving - ol i oRt , said local database selector/security association [[pair}] pairs and said 
remote database selector/security association [[pair]] pairs having been received from a 
key server. 

6. (Currently Amended) A method comprising: 

receiving data from a network protocol laye r of a receiving client, the data 
comprising a portion of an event being received at the receiving client : 

determining if the data is eligible for a security operation, wherein eligibility is 
determined by selector data contained in the data; 

creating a selector based on the selector dat a, said oo l ootor indicating at l oact a 
port i on - of tho data and o cocur i ty aoco siatieft and using said selector to search a 
receiving client database of security associations for at least one selector/security 
association pair identifying a security association corresponding to the selector, said 
receiving client database storing a plurality of selector/security association pairs 
corresponding to different timewise intervals of said event : 
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applying the security operation to the data if the data is eligible wherein applying 
the security operation comprises using the security association on the at least a portion 
of the data; and 

sending the data to which the security operation has been applied to a network 
application program interface (API) of the receiving client . 

7. (Original) The method of claim 6 wherein determining if the data is eligible for 
a security operation comprises at least one of: 

detecting a security operation tag in a header of the data; and 

detecting failure of an integrity check on the data. 

8. (Currently Amended) The method of claim 6 , said event being sent from a 
sending client to the receiving client, the sending client storing a sending client 
database comprising a similar plurality of selector/security association pairs respectively 
corresponding to said different timewise intervals of said event furth e r compri s ing: 

us i ng Go i d - eoloctor to coaroh a databaso of Gocurity n a ss oc ia tion s for a t l eas t on e 
solQctor/socurity - assoc i ation pair idontifying a soourity accooiation corresponding to tho 
s o l octo F. 
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9. (Currently Amended) The method of claim 8, said receiving client database 
selector/security association pairs and said sending client database selector/security 
association pairs having been received from a key serve r furthor comprising: 

blocking tho data from be i ng sont to tho notwork API i f no cocurity Q s c oci a t i on 
correspond i ng to - tho - co l oc tor i c f o u nd , 

1 0. (Currently Amended) The method of claim 6 wherein determining if the data 
is eligible for the security operation comprises [[:]] determining that the data is not 
eligible for the security operation if [[afl the selector that r e f e r e nc e s a database) of ■ 
secur i ty aosooiat i onc cannot be created based on the selector data , and wherein said 
data is sent to the network API of the receiving client without an applied security 
operation if it is so determined that the data is not eligible. 

11. (Canceled) 

12. (Canceled) 

13. (Previously Presented) The method of claim 6 wherein the security 
association comprises at least one of: 

applying encryption to the data; 
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removing special packaging from the data; 
applying decryption to the data; and 
performing an integrity check on the data. 

14. (Currently Amended) A machine readable storage medium having stored 
thereon machine executable instructions, execution of said machine executable 
instructions being operable to implement a method comprising: 

receiving data from a network application program interface (API) ) of a sending 
client, the data comprising a portion of an event to be sent from the sending client : 

determining if the data is eligible for a security operation, wherein eligibility is 
determined by selector data contained in the data; 

creating a selector based on the selector data , whoro i n caid coloctor indioatoc at 
l oaet a - portion of th e data and a s e curity assoc i ation and using said selector to search a 
local sending client datab ase of security associations for at least one selector/security 
association pair identifying a security association corresponding to the selector, said 
sending client database storing a plurality of selector/security association pairs 
corresponding to a succession of timewise intervals of said event : 

applying the security operation to the data if the data is eligible, wherein applying 
the security operation comprises using the security association on the at least a portion 
of the data; and 
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sending data to which the security operation has been applied to a network 
protocol (ave r of the sending client . 

15. (Currently Amended) The machine readable storage medium of claim 14^ 
said event to be sent from the sending client to a receiving client having a remote 
database comprising a similar plurality of selector/security association pairs respectively 
corresponding to said succession of timewjse intervals of said event furth e r comprising: - 

u si ng said selector to coareh - a data base of s e curity assooiationo, fo r- at le a s t on e 
s ele ctoF/socurity aocociation pair i dentify i ng o corre s ponding a s e curity acsoGiat i e ft, 

16. (Previously Presented) The machine readable storage medium of claim 14 
wherein the selector data is based at least in part on one of an internet protocol address 
taken from the data and a port indicator taken from the data. 

1 7. (Previously Presented) The machine readable storage medium of 
claim 14 wherein applying the security operation comprises at least one of: 

attaching a header to the data, said header including a security operation tag; 

performing an integrity check; and 

encrypting the data. 
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18. (Currently Amended) The machine readable storage medium of claim 14 
whoro i n d e t e rm i ning if tho data i s el ig i b le for the soourity oporat i on and app l ying tho 
se curity oporation if tho data is o li g i blo dopondc upon a looa l solootor/oocur i ty 
assosia tion pa i r at a sond i ng c lie nt corr e sponding to a remot e s e l e ctor/Gocur i ty 
asso ciat i on pa i r at a roco i ving cl io nt , said local sending client database selector/security 
association [[pair]] pairs and said remote database selector/security association [[pair]] 
pairs having been received from a key server. 

19. (Currently Amended) A machine readable storage medium having stored 
thereon machine executable instructions, execution of said machine executable 
instructions being operable to implement a method comprising: 

receiving data from a network protocol layer of a receiving client, the data 
comprising a portion of an event being received at the receiving client : 

determining if the data is eligible for a security operation, wherein eligibility is 
determined by selector data contained in the data; 

creating a selector based on the selector dat a, caid coloctor indicating at l east a - 
portion of tho data and a cocuritv ass oc ia tion and using said selector to search a local 
receiving client database of security associations for at least one selector/security 
association pair identifying a security association corresponding to the selector, said 
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receiving client database storing a plurality of selector/security association pairs 

corresponding to a succession of timewise intervals of said event : 

applying the security operation to the data if the data is eligible, wherein applying 
the security operation comprises using a security association on the at least a portion of 
the data; and 

sending the data to which the security operation has been applied to a network 
application program interface ( API ) of the receiving client 



20. (Previously Presented) The machine readable storage medium of 
claim 19 wherein determining if the data is eligible for a security operation comprises at 
least one of: 

detecting a security operation tag in a header of the data; and 
detecting failure of an integrity check on the data. 

21. (Currently Amended) The machine readable storage medium of claim 19^ 
said event being sent from a sending client to the receiving client, the sending client 
storing a sending client database comprising a similar plurality of selector/security 
association pairs respectively corresponding to said succession oftirnewise intervals of 
said even t furth e r having stored th e roon machine - oxoGutablo instruction, oxocut i on of 
sa id mach i n e e x e cutabl e instruction being op e rablo - to implomont g mothod - furth e r 
oompricing: 
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u s ing said soloctor to ooarch a databas e of - Goourity associ a t i ons for at l e ast ono - 
so l ootor/ co6 urtty a ssoc i ation pa i r identify i ng a cocur i ty a s sociation oorro s p eft d i ng to th e 



22. (Currently Amended) The machine readable storage medium of claim 21^ 
said recei ving client database selector/security association pairs and said sending client 
database selector/security association pairs having been received from a kev server 
furth e r compris i ng: 

blocking thd data from bo i ng cont to tho notwork AP I if no cocur i ty associat i on 
conrocpond i ng to th e seloctor i o foun d. 

23. (Currently Amended) The machine readable storage medium of claim 19 
wherein determining if the data is eligible for the security operation comprises [[:]] 
determining that the data is not eligible for the security operation if a selector that- 
roforoncos a databas e of - soeu f ity - a s see ia tio nB cannot be created based on the data^ 
and wherein said data is sent to the network API of the receiving client without an 
applied security operation if it is so determined that the data is not eligible . 

24* (Canceled) 



sele ctor . 
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25. (Canceled) 



26. (Previously Presented) 



The machine readable storage medium of 



claim 1 9 wherein the security association comprises at least one of : 
applying encryption to the data; 
removing special packaging from the data; 
applying decryption to the data; and 
performing an integrity check on the data. 

27. (Currently Amended) A management server apparatus at a sending client in 
which an event is transmitted from the sending client to a receiving client, the event 
having a duration and being divided into a succession of timewise intervals that are 
relatively sh ort compared to said event duration, comprising: 

a processing unit to; 

receive a plurality of selector/security association pairs from a kev server 
corresponding to said succession of timewise intervals of said event: 

receive data from a network application program interface (API ) of the sending 
client the data including a portion of the event within one of said timewise intervals . 
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determine if the data is eligible for a security operation, wherein eligibility is 

determined by selector data contained in the data, 

create a selector based on the selector data, wherein said selector indicates at 
least a portion of the data and a security association associated with at least one of said 
selector/security association pairs received from the key server . 

apply the security operation to the data if the data is eligible, wherein applying 
the security operation comprises using the security association on the at least a portion 
of the data, and 

send the data to which the security operation has been applied to a network 
protocol laver of the sending client 



28. (Currently Amended) A management server apparatus at a receiving client 
receiving an event transmitted from a sending client, the event having a duration and 
being divided into a succession of timewise intervals that are relatively short compared 
to said event duration.c omprising: 

a processing unit to: 

receive a plurality of selector/security association pairs from a key server 
corresponding to said succession of timewise intervals of said event: 

receive data from a network protocol laye r of the receiving client, the data 
including a portion of the event within one of said timewise intervals . 
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determine if the data is eligible for a security operation, wherein eligibility is 

determined by selector data contained in the data, 

create a selector based on the selector data, said selector indicating at least a 
portion of the data and a security association associated with at least one of said 
selector/security association pairs received from the key server 

apply the security operation to the data if the data is eligible, wherein applying 
the security operation comprises using the security association on the at least a portion 
of the data, and 

send the data to which the security operation has been applied to a network 
application program interface (API) of the receiving client . 
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